Protecting Against Identity Theft

One of the biggest crimes today is "identity theft" -- people managing to acquire certain personal information about you and then using it to obtain credit and other benefits.

Since they are purporting to be you, it's not their credit or repuation they ruin; it's yours.

How does identity theft happen? Many point to a sort of "perfect storm" of practices among U.S. institutions.

Credit card companies have become far too willing to hand out a credit card -- mostly because their high interest rates more than cover their losses. Often all you need is a social security number to obtain one.

In the U.S. we have very little protecting the buying and selling of our contact information. If you subscribe to a magazine, that magazine can sell your contact and demographic information to anybody -- a magazine, a credit card company, a service provider.

Insurance companies, universities, health-care providers, registries of motor vehicles -- these institutions have designed their massive data systems around your social security number.

These factors combine to create an environment where if you have someone's social security number, it is fairly easy to get any information or service in that person's name.

However, guarding your SSN is nearly impossible in this environment because it has become the ubiquitous identifier. Think of all those who have access to your motor vehicle record, insurance information, college transcripts, credit reports. It quickly adds up to thousands of people you have never met. Add on top of that the hundreds of database and system administrators working with or for those people.

Not only must you guard against an unscrupulous person among those thousands, you must also worry about the careless or gullible.

Here's a good insurance-agent test. Call your insurance agent and say you were hit by car with license plate xyz (use that of a friend in another town). See how much information they will give you.

On the Internet, it becomes far easier to be tricked into giving up information. First off, there are all sorts of malicious programs -- malware -- that can find their way onto your computer. They can record things like keystrokes and surreptiously send them back to a thief. Good anti-virus software, using something other than Internet Explorer for a Web browser and a decent firewall that guards both incoming and outgoing traffic can help.

However, sometimes an attack can be in plain sight. Occasionally you might get emails or other messages instructing you to follow a link and enter your user name and password to confirm some service. A lot of times these are phony sites designed to look like the real thing. This practice, referred to as phishing, can give up login information that attackers can use to get at other information.

Rather than following these links directly or responding to similar inquiries made by an apparent telemarketer, go directly to the company's official Web site or call their customer service number and do your business that way. This way, you know you are dealing with the company and not some fraud.